2nd try,

1. replaces atoi() with strtoul() with ERANGE checking (as before)
2. fixes the handling of misparsed 'bb_spec's in c_parser_gimple_if_stmt to 
return early.
3. adds a new test case.

I hope I am right with the assumption that in c_parser_gimple_if_stmt
(cfun->curr_properties & PROP_cfg) should imply valid bb_spec's after goto.

        PR c/114541
        * gimple-parser.cc (c_parser_gimple_parse_bb_spec):
        Use strtoul with ERANGE check instead of atoi to avoid UB

        * gimple-parser.cc (c_parser_gimple_if_stmt):
        require valid __BB# basic block indices after goto
        in both branches otherwise return with c_parser_error

        * gcc.dg/pr114541Andrew.c: New test based on
        Andrew's template in the PR.

Signed-off-by: Heiko Eißfeldt <he...@hexco.de>
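To make the atoi/strtoul point concrete, here is a stand-alone C example (added for illustration; it is not Heiko's patch and not GCC's gimple-parser.cc, and the function names parse_bb_spec, parse_bb_spec_atoi and the wrappers are hypothetical). It parses a "__BB<n>" block spec the way the patch description suggests: strtoul with errno/ERANGE checking, rejection of trailing characters, and a range check before narrowing to int. The atoi variant beside it shows the silent acceptance the patch removes.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical replacement for an atoi-based bb_spec parser.
   Parses "__BB<decimal>" into *index.  Returns 1 on success and 0 on any
   malformed input: missing prefix, no digits, sign or whitespace, trailing
   garbage, or a value that does not fit in int.  */
int parse_bb_spec(const char *spec, int *index)
{
    static const char prefix[] = "__BB";
    const size_t plen = sizeof prefix - 1;
    if (strncmp(spec, prefix, plen) != 0)
        return 0;

    const char *digits = spec + plen;
    /* strtoul itself would accept leading whitespace and a '-' sign;
       a block index is a bare decimal number, so insist on a digit.  */
    if (!isdigit((unsigned char)*digits))
        return 0;

    errno = 0;                      /* must reset: strtoul only sets it on error */
    char *end = NULL;
    unsigned long v = strtoul(digits, &end, 10);
    if (errno == ERANGE)            /* value exceeded unsigned long */
        return 0;
    if (*end != '\0')               /* e.g. "__BB12x": garbage after the number */
        return 0;
    if (v > INT_MAX)                /* fits unsigned long but not int */
        return 0;

    *index = (int)v;
    return 1;
}

/* The atoi-style variant being replaced: overflow is undefined behaviour
   (in practice it wraps or saturates silently) and trailing characters
   are ignored instead of rejected.  Kept here only for comparison.  */
int parse_bb_spec_atoi(const char *spec, int *index)
{
    if (strncmp(spec, "__BB", 4) != 0)
        return 0;
    *index = atoi(spec + 4);
    return 1;
}

/* Convenience wrappers: the parsed index, or -1 when the spec is rejected.  */
int bb_index_or_minus1(const char *spec)
{
    int idx;
    return parse_bb_spec(spec, &idx) ? idx : -1;
}

int bb_index_or_minus1_atoi(const char *spec)
{
    int idx;
    return parse_bb_spec_atoi(spec, &idx) ? idx : -1;
}

int main(void)
{
    /* Constructed sample inputs, including the "garbage char" shape
       the new tests in the thread are named after.  */
    const char *samples[] = { "__BB12", "__BB12x", "__BB",
                              "__BB99999999999999999999999999", "BB12" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-32s strtoul: %3d   atoi: %3d\n", samples[i],
               bb_index_or_minus1(samples[i]),
               bb_index_or_minus1_atoi(samples[i]));
    return 0;
}
```

The two checks that matter are resetting errno before the call (strtoul leaves it untouched on success) and testing `*end` afterwards; without the latter, "__BB12x" still parses as block 12, which is exactly the garbage-character case the thread's test names describe.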
On 12/5/24 8:45 AM, Richard Biener wrote:

On Thu, Dec 5, 2024 at 1:55 AM Heiko Eißfeldt <he...@hexco.de> wrote:
As commented in PR114541 here is a first patch that
1. replaces atoi() with strtoul() with ERANGE checking and
2. fixes the handling of misparsed gimple compounds to return early.
3. adds two new test cases.

There is more work to do for Andrew's testcase to succeed, so PR114541
is not done yet.

===

Replace atoi() with strtoul() with ERANGE checking.

The function c_parser_gimple_parse_bb_spec uses atoi,
which can silently return valid numbers even for
some too large numbers in the string.

Furthermore in function c_parser_parse_gimple_body
handle the case of gimple compound statement errors
more generically. In the case of cdil != cdil_gimple
now consider them as errors and return early.
This avoids further processing with erroneous data.

c_parser_gimple_compound_statement returns whether the
compound statement ended with a return statement, not
whether there was an error, so this change looks wrong.

The hunk in c_parser_gimple_parse_bb_spec is OK.

Richard.

2024-12-05 Heiko Eißfeldt <he...@hexco.de>

PR c/114541
* gimple-parser.cc (c_parser_gimple_parse_bb_spec):
Use strtoul with ERANGE check instead of atoi

* gimple-parser.cc (c_parser_parse_gimple_body):
separate check for errors in c_parser_gimple_compound_statement
and special handling of cdil == cdil_gimple to allow
a return in case of errors for cdil != cdil_gimple

* gcc.dg/pr114541-else-BB#-and-garbagechar.c: New test.
* gcc.dg/pr114541-then-BB#-and-garbagechar.c: New test.


Signed-off-by: Heiko Eißfeldt <he...@hexco.de>